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REMARKS 

By this response, claims 1-4 and 7-22 are pending as a continuing application under 
37 C.F.R. § 1 . 1 1 4 (Request for Continued Examination (RCE)). Compared to prior versions, 
claims 1-3, 7, 8, 13, 14 and 16-22 are amended while 4, 9-12 and 15 are original or as 
previously presented. Claims 5 and 6 are canceled. Amendments to the independent claims 
1,8, 16, 21 and 22 primarily relate to substantively addressing the prior art while those to 
dependent claims 2, 3, 7, 13, 14 and 17-19 primarily relate to antecedent basis issues. To 
the extent the prior art remains relevant, these remarks address the merits of the Final Office 
Action mailed May 19, 2005 and the Advisory Action mailed July 12, 2005. 

According to the Examiner, Angelo 5,944,821 anticipates claims 1-4, 6-10, 12-17, 
19-20 and 22 while Angelo and Safadi 6,742,121 render obvious claims 5, 1 1, 18 and 21. 
Since the applicant has included the subject matter of claim 5 (e.g., multiple instances of 
subsequent scores) in all independent claims rejected as anticipated by Angelo (claims 1,8, 
16 and 22), the combined discussion of Angelo and Safadi is especially relevant for all 
pending claims. 

According to Angelo, a secure hash table is created and "stored in protected [SMM] 
memory." Col 4, I 34. In the table, a secure hash value resides "for each program [or 
application] that the user wants to track." Col 4, I 33. Then, when users want to run the 
program or application, 

a system management interrupt (SMI) is generated. The SMI 
places the computer system in a system management mode, 
causing an SMI handler routine to be executed. The SMI 
handler first generates a current hash value for the program to 
be executed. Next, the SMI handler checks the stored hash 
table for an entry for the secured application. If a hash value 
entry is found, it is compared with the newly-calculated hash 
value for the secured application. In the event the two values 
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match, the integrity of the application is guaranteed ... If the 
two values do not match, the user is alerted to the discrepancy 
and may be given the option to update or override the stored 
hash table entry by entering an administrative password. Col. 
4, I 56 - col 5., I 5. 

In all instances of operation, however, Angelo's hash value comparisons occur in a 
system management mode (SMM) of operation "which is entered upon receipt of a system 
management interrupt (SMI)." Col 7, 11 46-47. Purportedly, use of the SMI to enter the 
SMM and conduct hash value comparisons "prevents malicious code from modifying or 
reading these sensitive components of the invention." Col 9, 11 11-12. At no time does 
Angelo ever provide for performing operations without some aspect occurring in the 
SMM operating mode. 

Safadi, on the other hand, relates to "authenticating a downloaded software object." 
Abstract. Upon receipt of the software object, a signature S is extracted (step 302). To be 
sure, this signature is not calculated by the device receiving the downloaded software object. 
Rather, it is "transmitted" with the download and simply "extracted from a message m(s)." 
Col 2, 11 45-47. Next, and independent of the extracted signature S, an object signature 
value S' is calculated by the device receiving the download (step 304). In turn, S and S' are 
compared with one another (step 306). If they equal, the software is validated (step 308). 
If they do not equal, still another object signature value S" is calculated (step 3 1 2). In turn, 
this second calculated value S" is then compared against two values. Namely, S" is 
compared against the first calculated value S' and the originally extracted, non-calculated 
signature S. Depending upon which values equal one another, either m(s) or the object is 
deemed corrupt (steps 316, 320). In certain other instances, additional processing of an S/' 
and S 2 " signatures occurs (step 322, 326), 
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All told, Safadi teaches transmitted and extracted signatures S; calculated first and 
second signatures S' and S"; and, in order to validate software, comparison of the first 
signature S' to the extracted, non-calculated signature S and comparison of the second 
signature S" to both the extracted, non-calculated signature S and to the first calculated 
signature. In comparison to the instant invention, this schema reflects multiple instances 
of signature value comparisons to multiple other signatures and is overly complex. 

On the other hand, the instant invention calculates, not extracts, a single initial score. 
It then calculates pluralities of subsequent scores and "exclusively" compares each of the 
subsequent scores to the initial score. In the event any one of the pluralities of subsequent 
scores is not equal to the initial score, software invalidation occurs. Conversely, subsequent 
scores equal to the initial score result in software validation. This greatly simplifies the prior 
art and, to this end, the independent claims are amended. Moreover, each claim positively 
recites no other score comparisons can occur and certainly distinguishes over Safadi (alone 
or in combination with Angelo) that absolutely insists on multiple different signature 
comparisons amongst multiple different signatures in order to assess whether the original 
signature of m(s) or the software object is corrupt. Some claims go so far as to further 
distinguish the combination of Angelo and Safadi by reciting score calculations occurring 
"exclusively" within an operating system "independent" of a SMM operating condition. 
With more specificity: 

Claim 1 recites an "exclusive comparison" of the pluralities of subsequent scores to 
the initial score "and to no other scores." Neither Angelo nor Safadi teach this. Angelo 
never addresses multiple occurrences of subsequent scores relative to an original score and 
Safadi teaches the complex non-exclusive comparisons of calculated scores to non- 
calculated, extracted signatures and to other calculated scores; 
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Claim 3 and 7 require "disabling" portions of the executable code and "notifying" 
owners, respectively, if the initial score is not equal to any of the subsequent scores. Safadi, 
however, cannot conclude whether the original signature m(s) or the software object is 
corrupt until and after both a second calculated signature S" is compared to the original, 
non-calculated signature S and a first calculated signature S' . Thus, Safadi does not disable 
code or notify owners upon simply determining (at step 314, for example) that a 
subsequently "calculated" signature S" and a first "calculated" signature S' do not equal one 
another. Angelo never contemplates any of these scenarios, let alone disabling code and 
modifying owners, relevant to any of a multiple subsequent score not equaling an initial 
score. This same rationale also applies to claims 9, 13, 17, 18 and 20 and patentability is 
submitted for the reasons given; 

Claim 8 requires "determining" whether executable code has an altered format by 
"exclusively . . . comparing each of the subsequent scores to the [initial] score" and "no 
other score comparisons occur." Safadi, in contrast, insists on multiple signature 
comparisons other than all subsequent, calculated scores being exclusively compared to the 
first, initial signature. Also, the step of calculating scores in the claim occurs "exclusively 
withing an operating system" and does so "independent of a system management mode of 
operation." In this manner, the instant invention more robustly performs calculations and 
is not limited to SMM operation as Angelo is unequivocally limited; 

Claims 1 1 and 12 further require the randomness or predetermined time intervals for 
calculating subsequent scores. In this manner, the ultimate determination of validating 
software can occur either randomly or at predetermined times; 

Claims 1 6 and 22 require "exclusively" comparing the plural subsequent scores to the 
initial score "with neither the subsequent scores being compared to any other values." 
Safadi, on the other hand, absolutely compares its subsequently calculated S" to a value S 
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which is other than the originally calculated value S\ Also, S' is compared to S" and to S. 
Angelo never contemplates such a scenario. Claim 22, for reasons similar to features of 
claim 8, further require comparing sets of executable instructions residing in an operating 
system that are "independent of a system management mode of operation." Again, Angelo 
limits itself to SMM features thereby precluding other modes of operation. The instant 
invention, however, is not so precluded; and 

In combination with various other claim limitations, claim 2 1 requires a second score 
operable to be "exclusively" compared with a first score in order to determine alteration of 
an original format of data. Safadi never allows for exclusive comparisons. Rather, they 
complexly compare many values to many other values in order to troubleshoot whether an 
original signature S of a software object or the software object itself is corrupt. Relative to 
the instant invention, Safadi uses many needless calculations. 

Support for the Applicant' s amendments are found throughout the specification. For 
example, p. 10, 11. 12-15 support the proposition that executable code "responsible for 
performing one or more calculations" resides in low level routines, for instance, "within the 
operating system." Such is nowhere limited to SMM features. At p. 4, 11. 4-11, the 
Applicant teaches that it is the initially calculated score that is compared to "subsequent 
computed scores" and such may occur "randomly, periodically or by manual selection of a 
user." 

The Applicant submits all claims are in a condition for allowance and requests a 
timely Notice of Allowance be issued for same. To the extent any fees are due beyond 
those expressly authorized in the accompanying transmittal forms for the Request for 
Continued Examination, the undersigned authorizes the deduction from Deposit Account 
No. 11-0978. None are believed due, however, because the Applicant has paid the RCE 
filing fee under 37 C.F.R. §1.1 7(e). 
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Finally, the Applicant requests a change in the attorney document number of 



record. Namely, please replace 97 1-128 with 1363-004. The docket number changed when 
the new Power of Attorney (POA) went into effect. 



247 North Broadway 
Lexington, Kentucky 40507 
Phone: (859) 252-0889 
Fax: (859) 252-0779 



I hereby certify that this correspondence 
is being deposited with the United States Postal 
Service as first class mail in an envelope addressed to: 
MAIL STOP RCE, Commissioner for Patents, 
P.O. Box 1450, Alexandria, VA223 13-1450 



Respectfully submitted, 
KING & SCHICKLI, PLLC 




Michael T. Sanderson 



Registration No. 43,082 



Certificate of Mailing 




Page 12 of 12 



